freshmeat.net: Project details for grsecurity

06:45 UTC

[Project]

grsecurity - Stable branch

Section: Unix

Added: Mon, Apr 23rd 2001 18:15 UTC (7 years, 5 months ago)

Updated: Thu, Dec 13th 2007 23:15 UTC (10 months, 5 days ago)

About:
grsecurity is a complete security system for Linux 2.4 and 2.6 that implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.

Author:
spender [contact developer]

Homepage:
http://www.grsecurity.net/
Changelog:
http://www.grsecurity.net/cvs2-changelog
CVS tree (cvsweb):
http://cvsweb.grsecurity.net/

Trove categories: [change]
[License] OSI Approved :: GNU General Public License (GPL)
[Operating System] POSIX :: Linux
[Programming Language] C
[Topic] Security, Security :: Cryptography, System :: Logging, System :: Monitoring, System :: Operating System Kernels :: Linux

Dependencies: [change]
No dependencies filed

Project admins: [change]
» spender (Owner)

» Rating: 8.59/10.00 (Rank 237)
» Vitality: 0.19% (Rank 1145)
» Popularity: 9.92% (Rank 233)

(click to enlarge graphs)

   Record hits: 73,258
   URL hits: 54,126
   Subscribers: 292

Projects depending on this project:
Tor-ramdisk

Other projects from the same categories:
Openwall GNU/*/Linux
Automatos Server Agent
jsaes
NetSQUID
Zeta

Users who subscribed to this project also subscribed to:
XO Wave
MPGEDIT
MMBase
Qtella
phlyMail

Add comment · Rate this project · Subscribe to new releases · Ignore this project · Email this project to a friend · Project record in XML

Branches

Branch Version Last release License URLs

Stable 2.1.10 13-Dec-2007 GNU General Public License (GPL)

Development
Significant snapshots from the CVS repository. 2.0-test-2.6.4 12-Mar-2004 GNU General Public License (GPL)

Comments

[»] Grsec is amazing
by MuppetMania - Oct 10th 2003 21:06:54

This is now something I use by default on all my systems. It's totally stable and gives you that extra layer of security needed these days.

I can't recommend GrSecurity enough. It should be in the default kernel.

Tim

--
Beer Beer Beer. Drink Some, It's Tasty, Beer.

[reply] [top]

[»] help me ... i am in confusion????
by savitha - Apr 25th 2003 06:02:34

Actually... how is acl can view and even auditing without a front end??? just tell me something how to see the alert in auditing and whether this support the webmin

--
hi

[reply] [top]

[»] extremely powerful and easy to configure
by James Wilcox - Feb 19th 2003 11:50:40

Grsecurity is a great linux kernel patch that implements PaX protection (sort of like openwall), MAC (mandatory access control), and control of the network subsystem.

Setting up MAC with this is much easier than alternative security kits because of its auto learning feature that basically can write the acl's for you.

Try it!

[reply] [top]

[»] Re: extremely powerful and easy to configure
by spender - Feb 19th 2003 12:05:54

> Grsecurity is a great linux kernel patch
> that implements PaX protection (sort of
> like openwall)
This kind of comparison is similar to comparing a small hut to a skyscraper. Openwall's non-executable stack is a tiny subset of the full capabilities of PaX. The PaX team has recently released documentation available at http://pageexec.virtualave.net/docs/ that should clear up any misconceptions regarding its design and effectiveness.

[reply] [top]

[»] Wow! Good work ! :-)
by Tomek Lutelmowski - Nov 24th 2001 10:34:12

This patch is amazing in terms of security. I'm using it by default in all my systems, and it's going perfectly well. THANKS!

[reply] [top]